I am trying to learn and practice AWS CloudFormation templates.
While validating the template, I get an error.
$ aws cloudformation validate-template --template-body file:///home/bhemanth/Downloads/ec2-templates/singe-instance-v2.yaml
An error occurred (ValidationError) when calling the ValidateTemplate operation: Invalid template resource property 'BlockDeviceMappings'
The CloudFormation template code with the error:
AWSTemplateFormatVersion: '2010-09-09'
Description: 'CentOS EC2 Instance template'
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
    Default: hemanth
    AllowedValues:
    - hemanth
    - client
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  InstanceType:
    Description: CentOS
    Type: String
    Default: t2.small
    AllowedValues:
    - t2.micro
    - t2.small
    - t2.medium
    ConstraintDescription: must be a valid EC2 instance type.
  SSHLocation:
    Description: The IP address range that can be used to SSH to the EC2 instances
    Type: String
    MinLength: '9'
    MaxLength: '18'
    Default: 0.0.0.0/0
    AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType:
        Ref: InstanceType
      SecurityGroups:
      - Ref: InstanceSecurityGroup
      KeyName:
        Ref: KeyName
      ImageId: ami-01ed306a12b7d1c96
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: EnableAll
      GroupDescription: Enable SSH access for all ports
      SecurityGroupIngress:
      - IpProtocol: tcp
        FromPort: '0'
        ToPort: '65535'
        CidrIp:
          Ref: SSHLocation
    BlockDeviceMappings:
    - DeviceName: /dev/sda1
      Ebs:
        DeleteOnTermination: true
        Status: attached
    Hypervisor: xen
    RootDeviceName: /dev/sda1
    RootDeviceType: ebs
    Tags:
    - Key: Name
      Value: Docker
    VirtualizationType: hvm
    UserData:
      Fn::Base64: !Sub |
        #!/usr/bin/env bash
        yum install -y wget
        wget -O- https://get.docker.com/ | sh
        systemctl status docker
        systemctl start docker
        systemctl enable docker
        systemctl status docker
        systemctl status -l docker
    Volumes:
    - Attachments:
        Device: /dev/sda1
        State: attached
        DeleteOnTermination: true
      AvailabilityZone: us-west-2a
      Encrypted: false
      Size: 30
      State: in-use
      Iops: 100
      VolumeType: gp2
Outputs:
  InstanceId:
    Description: InstanceId of the newly created EC2 instance
    Value:
      Ref: EC2Instance
  AZ:
    Description: Availability Zone of the newly created EC2 instance
    Value:
      Fn::GetAtt:
      - EC2Instance
      - AvailabilityZone
  PublicDNS:
    Description: Public DNSName of the newly created EC2 instance
    Value:
      Fn::GetAtt:
      - EC2Instance
      - PublicDnsName
  PublicIP:
    Description: Public IP address of the newly created EC2 instance
    Value:
      Fn::GetAtt:
      - EC2Instance
      - PublicIp
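I am trying to prepare an AWS CloudFormation template that installs Docker from user data and deletes the volume when the instance is terminated.
Could you please tell me what is wrong with my template?
If possible, please also share good tips and tricks for AWS CloudFormation beginners.
Thanks, 灵气.
Answer 0 (score: 1)
The CloudFormation Linter catches this with more information: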
E3001 Invalid resource attribute BlockDeviceMappings for resource InstanceSecurityGroup
singe-instance-v2.yaml:51:5
E3001 Invalid resource attribute Hypervisor for resource InstanceSecurityGroup
singe-instance-v2.yaml:56:5
E3001 Invalid resource attribute RootDeviceName for resource InstanceSecurityGroup
singe-instance-v2.yaml:57:5
E3001 Invalid resource attribute RootDeviceType for resource InstanceSecurityGroup
singe-instance-v2.yaml:58:5
E3001 Invalid resource attribute Tags for resource InstanceSecurityGroup
singe-instance-v2.yaml:59:5
E3001 Invalid resource attribute VirtualizationType for resource InstanceSecurityGroup
singe-instance-v2.yaml:62:5
E3001 Invalid resource attribute UserData for resource InstanceSecurityGroup
singe-instance-v2.yaml:63:5
E3001 Invalid resource attribute Volumes for resource InstanceSecurityGroup
singe-instance-v2.yaml:73:5
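Property types like BlockDeviceMappings, Tags, UserData, Volumes and AvailabilityZone should be indented a level further than Properties:
I also think these properties should be under Properties: in the AWS::EC2::Instance resource, because most of them are not valid AWS::EC2::SecurityGroup property types.
I don't think Hypervisor is a valid property type for any resource type, so I'm not sure where that property type comes from.
I recommend referring to the documentation for the AWS::EC2::SecurityGroup and AWS::EC2::Instance resource types.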
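A restructured version of the question's template along the lines of the answer, with the instance-level properties moved under Properties: of AWS::EC2::Instance. This is an added example, not code from the question or the answer. Its assumptions: the Parameters are trimmed, Outputs are omitted, the Hypervisor, RootDeviceName, RootDeviceType, VirtualizationType and Volumes entries are dropped, ingress is limited to port 22, and SSHLocation has no 0.0.0.0/0 default.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: 'CentOS EC2 Instance template (restructured example)'
Parameters:
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
  InstanceType:
    Type: String
    Default: t2.small
  SSHLocation:
    Type: String
    # Assumption of this example: no 0.0.0.0/0 default, the caller must pass a range.
    AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
Resources:
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:          # only security-group properties live here
      GroupDescription: Enable SSH access
      SecurityGroupIngress:
      - IpProtocol: tcp
        FromPort: 22     # assumption: SSH only, instead of ports 0-65535
        ToPort: 22
        CidrIp: !Ref SSHLocation
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:          # instance properties are nested under Properties:
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      ImageId: ami-01ed306a12b7d1c96   # AMI ID from the question
      SecurityGroups:
      - !Ref InstanceSecurityGroup
      BlockDeviceMappings:
      - DeviceName: /dev/sda1
        Ebs:
          DeleteOnTermination: true    # root volume is deleted with the instance
          VolumeSize: 30
          VolumeType: gp2
      Tags:
      - Key: Name
        Value: Docker
      UserData:
        Fn::Base64: |
          #!/usr/bin/env bash
          yum install -y wget
          wget -O- https://get.docker.com/ | sh
          systemctl enable docker
          systemctl start docker
```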